Re: Filesystem Capabilities in 2.6?

Olaf Dietsche (olaf.dietsche#list.linux-kernel@t-online.de)
Sun, 03 Nov 2002 14:55:39 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Olaf Dietsche: "Re: [REPORT] current use of capabilities"
Previous message: Olaf Dietsche: "Re: Filesystem Capabilities in 2.6?"

Linus Torvalds <torvalds@transmeta.com> writes:

> On Sat, 2 Nov 2002, David D. Hagood wrote:
>> Linus Torvalds wrote:
>>
>> Would this not allow a user to add permissions to a file, by creating a
>> new directory entry and linking it to an existing inode?
>>
>> Would that not be a greater security hole?
>
> No. The file itself has _no_ capabilities at all. If you just link to it,
> you can give it whatever capabilities _you_ have as a user (well, normal
> users don't really have any capabilities to give, but you get the idea).

So, this would be the inheritable set only.

Regards, Olaf.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Olaf Dietsche: "Re: [REPORT] current use of capabilities"
Previous message: Olaf Dietsche: "Re: Filesystem Capabilities in 2.6?"